Secure Remote Attestation with Strong Key Insulation Guarantees

by   Deniz Gurevin, et al.

Recent years have witnessed a trend of secure processor design in both academia and industry. Secure processors with hardware-enforced isolation can be a solid foundation of cloud computation in the future. However, due to recent side-channel attacks, the commercial secure processors failed to deliver the promises of a secure isolated execution environment. Sensitive information inside the secure execution environment always gets leaked via side channels. This work considers the most powerful software-based side-channel attackers, i.e., an All Digital State Observing (ADSO) adversary who can observe all digital states, including all digital states in secure enclaves. Traditional signature schemes are not secure in ADSO adversarial model. We introduce a new cryptographic primitive called One-Time Signature with Secret Key Exposure (OTS-SKE), which ensures no one can forge a valid signature of a new message or nonce even if all secret session keys are leaked. OTS-SKE enables us to sign attestation reports securely under the ADSO adversary. We also minimize the trusted computing base by introducing a secure co-processor into the system, and the interaction between the secure co-processor and the attestation processor is unidirectional. That is, the co-processor takes no inputs from the processor and only generates secret keys for the processor to fetch. Our experimental results show that the signing of OTS-SKE is faster than that of Elliptic Curve Digital Signature Algorithm (ECDSA) used in Intel SGX.


page 1

page 2

page 3

page 4


Sanctorum: A lightweight security monitor for secure enclaves

Enclaves have emerged as a particularly compelling primitive to implemen...

HECTOR-V: A Heterogeneous CPU Architecture for a Secure RISC-V Execution Environment

To ensure secure and trustworthy execution of applications, vendors freq...

Attacking the Nintendo 3DS Boot ROMs

We demonstrate attacks on the boot ROMs of the Nintendo 3DS in order to ...

On The Performance of ARM TrustZone

The TrustZone technology, available in the vast majority of recent ARM p...

Processor Hardware Security Vulnerabilities and their Detection by Unique Program Execution Checking

Recent discovery of security attacks in advanced processors, known as Sp...

IRONHIDE: A Secure Multicore that Efficiently Mitigates Microarchitecture State Attacks for Interactive Applications

Microprocessors enable aggressive hardware virtualization by means of wh...

Mission Impossible: Securing Master Keys

Securing a secret master key is a non-trivial task, we even argue it is ...

Please sign up or login with your details

Forgot password? Click here to reset